Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
File: 16e3842c-0679-4aa3-bd71-e66ff760467d.roa (raw, json)
Hash identifier: 4Xfye/j+Ewv7wlZ6NM8WbW7PdF95D3dKiJ2gkOrb7bI=
Subject key identifier: 39:3D:F7:E2:AF:57:A6:55:CA:9A:29:19:95:C5:4B:9F:76:E1:28:B1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 097608E90AD212540B4A5855A10EA956EC7B5B39
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:76:08:e9:0a:d2:12:54:0b:4a:58:55:a1:0e:a9:56:ec:7b:5b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:10:6f:5d:1a:ab:3b:17:07:57:30:fa:c0:ca:
91:23:9a:cf:53:d3:8d:d0:c8:c1:5a:7c:71:f6:31:
af:64:1e:ba:86:6c:85:c0:ba:c0:dc:2e:ca:a9:b2:
a1:4e:d1:77:2d:2e:b9:1e:ed:e9:10:21:9d:3e:3b:
a8:e1:b9:22:0a:e7:ae:02:3f:75:9e:25:15:fa:d2:
cf:12:43:28:fd:85:de:b6:7e:d7:ce:a2:03:c2:60:
19:2c:51:72:8d:75:fe:5f:bf:a8:db:83:27:4e:0f:
68:3c:01:fa:2c:31:24:dc:1f:8c:0e:05:ad:06:8d:
31:3d:8f:13:45:d5:a1:a2:4c:03:b4:84:de:df:21:
32:c3:d0:64:37:72:43:22:38:9e:56:33:e9:ed:04:
c0:8c:de:37:21:b9:6b:1e:f5:ae:94:16:a6:fa:bf:
83:a4:03:fe:47:9e:b1:17:88:db:89:08:d0:8d:27:
c0:be:50:34:bb:62:0c:c7:e2:37:4d:4f:c2:99:e8:
92:a2:16:b2:b5:4d:e0:02:8c:14:c1:ae:c1:98:e7:
74:52:1b:bf:ea:c3:20:35:3a:0a:b3:1c:f4:c8:56:
9c:5c:c0:60:d6:ee:fa:85:f8:b1:02:5e:60:7c:42:
02:ab:81:e1:24:23:ee:67:b1:8b:c7:f5:1f:f5:72:
ba:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3D:F7:E2:AF:57:A6:55:CA:9A:29:19:95:C5:4B:9F:76:E1:28:B1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bb:a7:1f:67:e2:22:fe:29:8b:b6:9b:56:43:42:83:ef:e7:3c:
f9:3b:2b:6d:0f:ce:9c:58:b4:81:03:fc:c6:ae:f4:22:af:85:
25:f4:cd:f3:c8:16:96:92:65:a1:2f:22:58:01:c2:99:9d:2d:
54:3d:92:94:fa:cc:d5:5d:6c:87:de:ea:bb:f8:82:34:b2:19:
e2:8a:e0:27:6d:a9:37:c6:b6:ee:3f:ca:79:0b:aa:c9:63:ac:
72:e3:af:d8:78:79:58:b5:57:97:2b:d0:79:a6:f5:57:c3:85:
01:a4:15:45:76:04:77:77:50:14:09:a5:67:2f:e4:44:62:f1:
a6:98:90:ba:8a:aa:d6:c8:b6:d1:3a:97:82:d7:b8:ea:7b:8a:
ec:c1:7a:ff:b5:d4:43:0a:8a:27:15:3c:de:bb:80:85:21:0d:
7e:89:d3:63:ec:0b:a2:d2:be:15:ac:60:7e:3b:9b:4f:ce:10:
fc:7a:d1:48:1b:c3:bc:37:4a:bf:37:d9:ad:50:2f:56:60:bb:
71:e9:b2:26:b1:9b:d4:92:73:bd:54:a0:36:c0:b8:f1:0c:75:
b8:0a:b6:00:13:6d:d0:c1:20:5f:7b:89:d1:f2:9e:33:d6:9e:
af:e6:69:f5:f3:3a:10:df:07:5f:60:70:d9:87:1a:15:a1:57:
6e:09:bc:32
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCXYI6QrSElQLSlhVoQ6pVux7WzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1YWIyOTEyZTJiZjZlMDk4NWY1NzQ4MzY1YTIwYjk4ZTAxMGI5YzkxZmRh
NmJlZTRmMjIyOGU2NDY4Y2ViN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4Qb10aqzsXB1cw+sDKkSOaz1PTjdDIwVp8cfYxr2QeuoZshcC6wNwuyqmy
oU7Rdy0uuR7t6RAhnT47qOG5IgrnrgI/dZ4lFfrSzxJDKP2F3rZ+186iA8JgGSxR
co11/l+/qNuDJ04PaDwB+iwxJNwfjA4FrQaNMT2PE0XVoaJMA7SE3t8hMsPQZDdy
QyI4nlYz6e0EwIzeNyG5ax71rpQWpvq/g6QD/keesReI24kI0I0nwL5QNLtiDMfi
N01PwpnokqIWsrVN4AKMFMGuwZjndFIbv+rDIDU6CrMc9MhWnFzAYNbu+oX4sQJe
YHxCAquB4SQj7mexi8f1H/VyugMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5Pffi
r1emVcqaKRmVxUufduEosTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTZlMzg0MmMtMDY3OS00YWEzLWJkNzEtZTY2ZmY3NjA0NjdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQC7px9n4iL+KYu2m1ZDQoPv5zz5OyttD86cWLSBA/zG
rvQir4Ul9M3zyBaWkmWhLyJYAcKZnS1UPZKU+szVXWyH3uq7+II0shniiuAnbak3
xrbuP8p5C6rJY6xy46/YeHlYtVeXK9B5pvVXw4UBpBVFdgR3d1AUCaVnL+REYvGm
mJC6iqrWyLbROpeC17jqe4rswXr/tdRDCoonFTzeu4CFIQ1+idNj7Aui0r4VrGB+
O5tPzhD8etFIG8O8N0q/N9mtUC9WYLtx6bImsZvUknO9VKA2wLjxDHW4CrYAE23Q
wSBfe4nR8p4z1p6v5mn18zoQ3wdfYHDZhxoVoVduCbwy
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:15 2025 by rpki-client